package com.example.demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import de.codecentric.boot.admin.server.config.EnableAdminServer;

@Configuration
@EnableAutoConfiguration
@EnableAdminServer
@EnableEurekaClient
public class EurekaAdminApplication {

	public static void main(String[] args) {
		SpringApplication.run(EurekaAdminApplication.class, args);
	}
	 @Profile("insecure")
	    @Configuration
	    public static class SecurityPermitAllConfig extends WebSecurityConfigurerAdapter {
	        @Override
	        protected void configure(HttpSecurity http) throws Exception {
	            http.authorizeRequests().anyRequest().permitAll()//
	                    .and().csrf().disable();
	        }
	    }
	 
	    @Profile("secure")
	    @Configuration
	    public static class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
	        private final String adminContextPath;
	 
	        public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
	            this.adminContextPath = adminServerProperties.getContextPath();
	        }
	 
	        @Override
	        protected void configure(HttpSecurity http) throws Exception {
	            // @formatter:off
	            SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	            successHandler.setTargetUrlParameter("redirectTo");
	 
	            http.authorizeRequests()
	                    .antMatchers(adminContextPath + "/assets/**").permitAll()
	                    .antMatchers(adminContextPath + "/login").permitAll()
	                    .anyRequest().authenticated()
	                    .and()
	                    .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
	                    .logout().logoutUrl(adminContextPath + "/logout").and()
	                    .httpBasic().and()
	                    .csrf().disable();
	            // @formatter:on
	        }
	    }

}
